Spring Security
  1. Spring Security
  2. SEC-1139

acl_object_identity.owner_sid should be 'not null' in schema

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Trivial Trivial
    • Resolution: Fixed
    • Affects Version/s: 2.0.4
    • Fix Version/s: 3.0.0 M1
    • Component/s: Docs and Website
    • Labels:
      None

      Description

      In the documentation (src/docbkx/appendix-db-schema.xml), acl_object_identity.owner_sid is defined as:
      owner_sid bigint,

      but in the code, AclImpl.java requires that the owner sid is not null, and in fact you'll get an exception from BasicLookupStrategy attempting to create sids with null values if you read an object identity with a null owner_sid. Triggered this bug migrating data from a non-spring/acegi acl implementation which didn't use owners.

      https://fisheye.springsource.org/browse/spring-security/trunk/src/docbkx/appendix-db-schema.xml

        Issue Links

          Activity

          Hide
          Luke Taylor added a comment -

          Thanks Baz. I've added that to the docs.

          The condition may be relaxed in future to allow the owner to be optional, but it is always possible to use a default or system owner so the cleanest solution is probably to retain the requirement in the default implementation and clarify that the owner must always be set.

          Show
          Luke Taylor added a comment - Thanks Baz. I've added that to the docs. The condition may be relaxed in future to allow the owner to be optional, but it is always possible to use a default or system owner so the cleanest solution is probably to retain the requirement in the default implementation and clarify that the owner must always be set.

            People

            • Assignee:
              Luke Taylor
              Reporter:
              Brian Ewins
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: